I've also tried, instead of using the name "testdefault", using the actual groupid

(sg-########)

, but I'll get an error saying that security group doesn't exist (which is wrong, it does). Which, based on the API doc, if using a non-default VPC, you should pass the actual groupid but I'll get an error like this:

InvalidGroup.NotFound, AWS Error Message: The security group 'sg-########' does not exist

If I use "default" as the

setSecurityGroups

it will use the default VPC. It just doesn't seem like like the groupid I'm passing, despite it being accurate.

Also, if I comment out the

setSecurityGroups

code, and use

setSubnetId

instead and pass the subnet id, it will create the instance just fine, but it goes into the "default" security group, not "testdefault" like I want.

All I'm trying to accomplish is creating an instance and having it use the already existing VPC group.

Check how I have defined the subnet ID and security group ID. This code will launch my EC2 instance in subnet-e881bd63 of my VPC and will apply VPC security group ID sg-fd53bf5e to its 0th network interface. Besides, it will also assign a public IP address to my instance. (by default, it will not assign a public IP address when you launch instances in VPC).

FYI. When you launch instances in VPC, you must provide Security group ID instead of security group name.

Email codedump link for Launching Instance: VPC security groups may not be used for a non-VPC launch